Moddable SDK has an unspecified vulnerability (CNVD-2022-08201)

Moddable SDK is a software development kit SDK for IoT embedded software development from Moddable, U.S. A security vulnerability exists in Moddable SDK v11.5.0, which was discovered to contain a SEGV vulnerability via the xs source xarray .c in the fx Array prototype sorting. No details of the...

Unspecified vulnerability in Moddable SDK (CNVD-2022-08281)

Moddable SDK is a software development kit SDK for IoT embedded software development from Moddable, Inc. and XS is one of the embedded JavaScript engines. A security vulnerability exists in Moddable SDK, which stems from a SEGV vulnerability discovered in Moddable SDK v11.5.0 via the xs source...

Moddable SDK buffer overflow vulnerability

Moddable SDK is a software development kit SDK for IoT embedded software development from Moddable USA. a security vulnerability exists in Moddable SDK v11.5.0, which stems from an invalid memory access in component asanmemmove. No details of the vulnerability are currently available...

Moddable SDK Stack Buffer Overflow Vulnerability

Moddable SDK is a set of software development kits SDKs for IoT embedded software development from the US company Moddable. The Moddable SDK has a stack buffer overflow vulnerability in v11.5.0 that stems from a boundary error in the component interceptorstrcat when handling untrusted input. A...

Moddable SDK Heap Buffer Overflow Vulnerability (CNVD-2022-08375)

Moddable SDK is a software development kit SDK for IoT embedded software development from Moddable USA. Moddable SDK in version 11.5.0 has a heap buffer overflow vulnerability, which stems from xs/sources/xsDataView.c in fxUint8Getter in the memory buffer vulnerability has an incorrect restrictio...

Moddable SDK Denial of Service Vulnerability

Moddable SDK is a software development kit SDK for IoT embedded software development from Moddable, Inc. A denial of service vulnerability exists in Moddable SDK v11.5.0, which stems from the presence of a NULL pointer dereference. An attacker could exploit this vulnerability to cause a denial of...

Moddable SDK buffer over-read vulnerability

Moddable SDK is a software development kit SDK for IoT embedded software development from Moddable U.S. A security vulnerability exists in the Moddable SDK, which stems from a networked system or product that does not properly validate data boundaries when performing operations on memory, resulti...

Dell Bios 输入验证错误漏洞

Dell Bios is embedded software on a small memory chip on the motherboard of a computer from Dell USA. The Dell BIOS has an input validation error vulnerability that stems from the Dell BIOS containing an incorrect input validation vulnerability. An attacker could exploit this vulnerability to...

CVE-2021-40872

An issue was discovered in Softing Industrial Automation uaToolkit Embedded before 1.40. Remote attackers to cause a denial of service DoS or login as an anonymous user bypassing security checks by sending crafted messages to a OPC/UA server. The server process may crash unexpectedly because of a...

Dell BIOS Trust Management Issue Vulnerability

BIOS is an acronym that stands for Basic Input Output System. Also known as "system setup", BIOS is the embedded software inside a small memory chip on the motherboard of a computer. This chip is called a complementary metal oxide semiconductor CMOS. The Dell BIOS is vulnerable to trust managemen...

PT-2021-6167 · NetGear · Netgear Rbk352 +1

Name of the Vulnerable Software and Affected Versions: NETGEAR RBK352 versions prior to 4.4.0.10 NETGEAR RBR350 versions prior to 4.4.0.10 NETGEAR RBS350 versions prior to 4.4.0.10 Description: The issue is related to the lack of protection for service data in the embedded software of NETGEAR...

HCC Embedded InterNiche Input Validation Error Vulnerability (CNVD-2021-59228)

HCC Embedded InterNiche is a newsletter software. An input validation error vulnerability exists in the HCC Embedded InterNiche stack, which stems from a lack of size validation, code that parses HTTP POST requests, and can be exploited by an attacker to cause a heap buffer overflow...

PT-2021-7408 · Qualcomm · Qualcomm Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon versions affected versions not specified Description: The issue is related to a buffer over-read when processing avi files, which can lead to information disclosure. This is due to a lack of buffer length checks and...

Microsoft Warns of 25 Critical Vulnerabilities in IoT, Industrial Devices

Security researchers at Microsoft are warning the industry about 25 as-yet undocumented critical memory-allocation vulnerabilities across a number of vendors’ IoT and industrial devices that threat actors could exploit to execute malicious code across a network or cause an entire system to crash...

Embedded 7z vulnerable with a cvs score of 10

The embedded 7zip version is vulnerable. Please update...

To DVRF（router flaws drone as an example the interpretation of JEB firmware flaws applications Part 1-the vulnerability warning-the black bar safety net

A, media In this series of articles, I will send everyone to the presentation if any application JEB MIPS Decompiler1to find and the application of the embedded equipment software flaws. In order to accomplish this obligation, we need to apply the Praetorian supplied to the DVRF（Damn Vulnerable...

Bean rice ali cloud oss credentials have information leakage vulnerability

Bean Rice APP is a mobile creation chat community software. AliCloud Object Storage Service Object Storage Service, abbreviated as OSS, is a massive, secure and highly reliable cloud storage service provided by AliCloud to the public. AliCloud OSS is a cloud storage service based on AliCloud...

ZYXEL P-660HN-T1H_IPv6 Denial Of Service Exploit

ZYXEL P-660HN-T1HIPv6 remote configuration editor / web service denial of service exploit. | | | ' | | | | | \r\n" ." | | | | | | | | | | | | | \r\n" ." / || || ||/|| || \r\n" ." \r\n" ." \r\n"; print $banner; function Post$packet,$host try $curl = curlinit; curlsetopt$curl, CURLOPTURL, $host;...

ZYXEL P-660HN-T1H_IPv6 - Remote Configuration Editor Web Server Denial of Service

ZYXEL P-660HN-T1HIPv6 - Remote Configuration Editor Web Server Denial of Service | | | ' | | | | | \r\n" ." | | | | | | | | | | | | | \r\n" ." / || || ||/|| || \r\n" ." \r\n" ." \r\n"; print $banner; function Post$packet,$host try $curl = curlinit; curlsetopt$curl, CURLOPTURL, $host;...

Tropos Wireless Mesh Routers

Overview This advisory is a follow-up to the original advisory titled ICSA-12-297-01P—Tropos Wireless Mesh Routers Insufficient Entropy Vulnerability that was published October 23, 2012, on the ICS-CERT secure Portal library. This advisory provides mitigation details for a vulnerability that...